Canary Box Aims to Lure Hackers into Honeypots Before They Make Headlines

A honeypot system should be much less susceptible to false alerts, since almost any access to a honeypot system should, by definition, be suspicious.

The Canary box aims to tackle this problem, offering the reliable reporting of a honeypot, but without the complex configuration. In fact, Thinkst says that configuring Canary should only take a few minutes. A hardware button is used to put the Canary into “configuration” mode. An administrator then connects to the Canary with Bluetooth and chooses the personality it should use: it can masquerade as, for example, Windows Server 2008, Linux, and ReadyNAS—and the services it offers. A fake Windows server can offer Windows shares, host some exciting looking files such as “salaries.xls,” or “top-secret-project.docx,” or whatever else is chosen.

After that initial configuration, the device can then be left alone. The Canary will report attempts to access it through an online management console; if someone port scans it, tries to connect to its network services, or opens files from it, it’ll immediately send an alert.

Canary won’t catch every intruder—one that knows exactly what they’re looking for probably won’t be tempted to look for the tempting treats on the honeypot—but it should nonetheless provide an easy way of finding unauthorized network access that isn’t prone to false positives. Compared to many enterprise-oriented security offerings, it’s also affordable: $5,000 a year for two Canary devices and management through the online console.

Sounds like an interesting device to play around with and test its capabilities.

SCOTT (すこっと)

Scott (すこっと) is a cyber security, threat intelligence strategist, and technology evangelist working and living in Tokyo. In addition to his day job, Scott is fascinated by the future of computing, the technology industry, privacy, encryption, mobile apps, politics, & Japan. Scott enjoys taking pictures with his iPhone and sharing them freely online, primarily on Instagram.